While CimTrak can help you achieve compliance with a number of PCI DSS security standard requirements, two sections, PCI 10.5.5 and PCI 11.5, specifically call for a file integrity monitoring solution such as CimTrak to be deployed.
Use file-integrity-monitoring or change-detection software on logs to ensure that existing log data cannot be changed without generating alerts (although new data being added should not cause an alert).
Deploy a change-detection mechanism (for example, file-integrity monitoring tools) to alert personnel to unauthorized modification of critical system files, configuration files, or content files; and configure the software to perform critical file comparisons at least weekly.
Instant notification and in-depth insight into all changes. Complete coverage for your PCI environment and requirement 11.5.
Monitor critical configurations to ensure a PCI compliance state.
Monitor your PCI environment. Don’t let unauthorized access occur with your routers, firewalls, and network devices.
Compliance with PCI DSS should be viewed as a temporary condition, a “snapshot” of your systems at a given moment. PCI Compliance is subject to change at any moment. Much to their chagrin, many organizations have learned this lesson the hard way.
PCI solutions often fall short because while they can show that the environment is compliant at one point in time, they have no ability to assure that the compliance in continual. Once you have employed various tools to get your PCI environment into a known good state, the key is to do everything possible to detect and prevent changes that will alter that state.
Learn how to automatically check a large number of critical configurations on your systems for PCI compliance with CimTrak’s Compliance Module
See how CimTrak helps with your PCI environment.
Learn how a Level 1 PCI organization met and exceeded PCI compliance with CimTrak.
A complete checklist for each of the PCI requirements.